Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-43093 |
|
Vulnerability in linux (CVE-2026-43093)
vulnerability in linux (CVE-2026-43093). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43084 |
|
Use-After-Free in c (CVE-2026-43084)
vulnerability in c (CVE-2026-43084). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43074 |
|
Vulnerability in c (CVE-2026-43074)
vulnerability in c (CVE-2026-43074). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43075 |
|
Out-of-Bounds Write in c (CVE-2026-43075)
out-of-bounds write in c (CVE-2026-43075). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43076 |
|
Use-After-Free in linux (CVE-2026-43076)
vulnerability in linux (CVE-2026-43076). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43078 |
|
Out-of-Bounds Write in linux (CVE-2026-43078)
out-of-bounds write in linux (CVE-2026-43078). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7841 |
|
Code Injection in CVE-2026-7841 (CVE-2026-7841)
code injection in CVE-2026-7841 (CVE-2026-7841). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71255 |
|
Vulnerability in dos (CVE-2025-71255)
vulnerability in dos (CVE-2025-71255). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71256 |
|
Vulnerability in dos (CVE-2025-71256)
vulnerability in dos (CVE-2025-71256). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71252 |
|
Vulnerability in dos (CVE-2025-71252)
vulnerability in dos (CVE-2025-71252). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71253 |
|
Vulnerability in dos (CVE-2025-71253)
vulnerability in dos (CVE-2025-71253). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71254 |
|
Vulnerability in dos (CVE-2025-71254)
vulnerability in dos (CVE-2025-71254). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71251 |
|
Vulnerability in dos (CVE-2025-71251)
vulnerability in dos (CVE-2025-71251). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42334 |
|
Vulnerability in mongoose (CVE-2026-42334)
vulnerability in mongoose (CVE-2026-42334). Confidential information can be exposed externally. Exploitable via ``sanitizeFilter``. Mitigation: upgrade to `9.1.6` or later.
|
| CVE-2026-42997 |
|
Vulnerability in ironic-python-agent (CVE-2026-42997)
vulnerability in ironic-python-agent (CVE-2026-42997). Confidential information can be exposed externally. Mitigation: upgrade to `26.1.6` or later.
|
| CVE-2026-44167 |
|
Vulnerability in phpseclib/phpseclib (CVE-2026-44167)
vulnerability in phpseclib/phpseclib (CVE-2026-44167). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.29` or later.
|
| CVE-2026-39383 |
|
SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-39383)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-39383). Confidential information can be exposed externally. Exploitable via ``FilterDeadline``. Mitigation: upgrade to `8.31.0` or later.
|
| CVE-2026-39852 |
|
Authorization Flaw in io.quarkus:quarkus-vertx-http (CVE-2026-39852)
vulnerability in io.quarkus:quarkus-vertx-http (CVE-2026-39852). Confidential information can be exposed externally. Mitigation: upgrade to `3.35.1.1` or later.
|
| CVE-2026-39849 |
|
Vulnerability in pi-hole (CVE-2026-39849)
vulnerability in pi-hole (CVE-2026-39849). Successful exploitation can lead to full system takeover. Exploitable via ``dns.interface``.
|
| CVE-2026-42285 |
|
Vulnerability in github.com/osrg/gobgp/v4 (CVE-2026-42285)
vulnerability in github.com/osrg/gobgp/v4 (CVE-2026-42285). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.5.0` or later.
|
| CVE-2026-35397 |
|
Path Traversal in jupyter-server (CVE-2026-35397)
path traversal in jupyter-server (CVE-2026-35397). Successful exploitation can lead to full system takeover. Exploitable via ``root_dir``. Mitigation: upgrade to `2.18.0` or later.
|
| CVE-2026-40280 |
|
SSRF (Server-Side Request Forgery) in github.com/gotenberg/gotenberg/v8 (CVE-2026-40280)
SSRF in github.com/gotenberg/gotenberg/v8 (CVE-2026-40280). Confidential information can be exposed externally. Exploitable via ``downloadFrom``. Mitigation: upgrade to `8.31.0` or later.
|
| CVE-2026-32936 |
|
Vulnerability in github.com/coredns/coredns (CVE-2026-32936)
vulnerability in github.com/coredns/coredns (CVE-2026-32936). Risk of unauthorized operations or information disclosure. Exploitable via ``dns``. Mitigation: upgrade to `1.14.3` or later.
|
| CVE-2026-33190 |
|
Authentication Bypass in github.com/coredns/coredns (CVE-2026-33190)
authentication bypass in github.com/coredns/coredns (CVE-2026-33190). Confidential information can be exposed externally. Mitigation: upgrade to `1.14.3` or later.
|
| CVE-2026-33324 |
|
SQL Injection in fit2cloud (CVE-2026-33324)
SQL injection in fit2cloud (CVE-2026-33324). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33489 |
|
Vulnerability in github.com/coredns/coredns (CVE-2026-33489)
vulnerability in github.com/coredns/coredns (CVE-2026-33489). Confidential information can be exposed externally. Mitigation: upgrade to `1.14.3` or later.
|
| CVE-2026-32934 |
|
Vulnerability in github.com/coredns/coredns (CVE-2026-32934)
vulnerability in github.com/coredns/coredns (CVE-2026-32934). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.14.3` or later.
|
| CVE-2026-25243 |
|
Vulnerability in redis (CVE-2026-25243)
vulnerability in redis (CVE-2026-25243). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23631 |
|
Use-After-Free in redis (CVE-2026-23631)
vulnerability in redis (CVE-2026-23631). Data can be tampered with by attackers.
|
| CVE-2026-23479 |
|
Use-After-Free in redis (CVE-2026-23479)
vulnerability in redis (CVE-2026-23479). Successful exploitation can lead to full system takeover. Exploitable via ``processCommandAndResetClient``.
|
| CVE-2026-40110 |
|
Vulnerability in jupyter-server (CVE-2026-40110)
vulnerability in jupyter-server (CVE-2026-40110). Confidential information can be exposed externally. Exploitable via ``allow_origin_pat``. Mitigation: upgrade to `057869a327c46730afede3eab0ca2d2` or later.
|
| CVE-2026-43070 |
|
Out-of-Bounds Read in linux (CVE-2026-43070)
vulnerability in linux (CVE-2026-43070). Successful exploitation can lead to full system takeover. Exploitable via ``__mark_reg_known``.
|
| CVE-2026-43060 |
|
Vulnerability in CVE-2026-43060 (CVE-2026-43060)
vulnerability in CVE-2026-43060 (CVE-2026-43060). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43062 |
|
Vulnerability in linux (CVE-2026-43062)
vulnerability in linux (CVE-2026-43062). Data can be tampered with by attackers.
|
| CVE-2026-43063 |
|
Vulnerability in linux (CVE-2026-43063)
vulnerability in linux (CVE-2026-43063). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31196 |
|
OS Command Injection in CVE-2026-31196 (CVE-2026-31196)
OS command injection in CVE-2026-31196 (CVE-2026-31196). Successful exploitation can lead to full system takeover.
|
| CVE-2026-31195 |
|
OS Command Injection in CVE-2026-31195 (CVE-2026-31195)
OS command injection in CVE-2026-31195 (CVE-2026-31195). Successful exploitation can lead to full system takeover.
|
| CVE-2026-36355 |
|
Information Disclosure in CVE-2026-36355 (CVE-2026-36355)
vulnerability in CVE-2026-36355 (CVE-2026-36355). Confidential information can be exposed externally.
|
| CVE-2026-6918 |
|
Out-of-Bounds Read in eclipse (CVE-2026-6918)
vulnerability in eclipse (CVE-2026-6918). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42437 |
|
Vulnerability in openclaw (CVE-2026-42437)
vulnerability in openclaw (CVE-2026-42437). Risk of unauthorized operations or information disclosure. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.4.10` or later.
|
| CVE-2023-54348 |
|
Vulnerability in c (CVE-2023-54348)
vulnerability in c (CVE-2023-54348). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43869 |
|
Vulnerability in org.apache.thrift:libthrift (CVE-2026-43869)
vulnerability in org.apache.thrift:libthrift (CVE-2026-43869). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.23.0` or later.
|
| CVE-2026-6180 |
|
Vulnerability in papercut (CVE-2026-6180)
vulnerability in papercut (CVE-2026-6180). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44028 |
|
Vulnerability in CVE-2026-44028 (CVE-2026-44028)
vulnerability in CVE-2026-44028 (CVE-2026-44028). Confidential information can be exposed externally.
|
| CVE-2026-42039 |
|
Vulnerability in axios (CVE-2026-42039)
vulnerability in axios (CVE-2026-42039). Risk of unauthorized operations or information disclosure. Exploitable via `POST /forward`. Mitigation: upgrade to `0.31.1` or later.
|
| CVE-2026-38751 |
|
Unrestricted File Upload in devcode-it/openstamanager (CVE-2026-38751)
vulnerability in devcode-it/openstamanager (CVE-2026-38751). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44113 |
|
Vulnerability in openclaw (CVE-2026-44113)
vulnerability in openclaw (CVE-2026-44113). Confidential information can be exposed externally. Mitigation: upgrade to `2026.4.22` or later.
|
| CVE-2026-41895 |
|
XXE (XML External Entity) in changedetection.io (CVE-2026-41895)
vulnerability in changedetection.io (CVE-2026-41895). Confidential information can be exposed externally. Exploitable via ``XXE``.
|
| CVE-2026-41326 |
|
Vulnerability in github.com/kata-containers/kata-containers (CVE-2026-41326)
vulnerability in github.com/kata-containers/kata-containers (CVE-2026-41326). Confidential information can be exposed externally. Exploitable via ``policy_data.common.cpath``. Mitigation: upgrade to `0.0.0-20260422180503-1b9e49eb2763` or later.
|
| CVE-2026-42151 |
|
Information Disclosure in github.com/prometheus/prometheus (CVE-2026-42151)
vulnerability in github.com/prometheus/prometheus (CVE-2026-42151). Confidential information can be exposed externally. Exploitable via ``client_secret``. Mitigation: upgrade to `0.311.3` or later.
|